Total
10673 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9348 | 2024-10-16 | N/A | N/A | ||
| Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. | |||||
| CVE-2024-9507 | 2024-10-15 | N/A | 4.9 MEDIUM | ||
| The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information. | |||||
| CVE-2024-45117 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2024-10-10 | N/A | 7.6 HIGH |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed. | |||||
| CVE-2024-8518 | 2024-10-10 | N/A | 3.3 LOW | ||
| CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user. | |||||
| CVE-2024-47823 | 2024-10-10 | N/A | N/A | ||
| Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire prior to `2.12.7` and `v3.5.2`, the file extension of an uploaded file is guessed based on the MIME type. As a result, the actual file extension from the file name is not validated. An attacker can therefore bypass the validation by uploading a file with a valid MIME type (e.g., `image/png`) and a “.php” file extension. If the following criteria are met, the attacker can carry out an RCE attack: 1. Filename is composed of the original file name using `$file->getClientOriginalName()`. 2. Files stored directly on your server in a public storage disk. 3. Webserver is configured to execute “.php” files. This issue has been addressed in release versions `2.12.7` and `3.5.2`. All users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-20406 | 1 Cisco | 1 Ios Xr | 2024-10-07 | N/A | 7.4 HIGH |
| A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type. | |||||
| CVE-2024-8889 | 1 Circutor | 2 Tcp2rs\+, Tcp2rs\+ Firmware | 2024-10-07 | N/A | 9.1 CRITICAL |
| Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. This equipment is at the end of its useful life cycle. | |||||
| CVE-2024-47179 | 2024-10-02 | N/A | 8.8 HIGH | ||
| RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users of RSSHub are not vulnerable to this issue, and commit 64e00e7 fixed the underlying issue and made the repository no longer vulnerable. The `docker-test-cont.yml` workflow gets triggered when the `PR - Docker build test` workflow completes successfully. It then collects some information about the Pull Request that triggered the triggering workflow and set some labels depending on the PR body and sender. If the PR also contains a `routes` markdown block, it will set the `TEST_CONTINUE` environment variable to `true`. The workflow then downloads and extracts an artifact uploaded by the triggering workflow which is expected to contain a single `rsshub.tar.zst` file. However, prior to commit 64e00e7, it did not validate and the contents were extracted in the root of the workspace overriding any existing files. Since the contents of the artifact were not validated, it is possible for a malicious actor to send a Pull Request which uploads, not just the `rsshub.tar.zst` compressed docker image, but also a malicious `package.json` file with a script to run arbitrary code in the context of the privileged workflow. As of commit 64e00e7, this scenario has been addressed and the RSSHub repository is no longer vulnerable. | |||||
| CVE-2024-45825 | 1 Rockwellautomation | 2 5015-u8ihft, 5015-u8ihft Firmware | 2024-10-02 | N/A | 7.5 HIGH |
| CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. | |||||
| CVE-2024-45612 | 1 Contao | 1 Contao | 2024-09-23 | N/A | 5.3 MEDIUM |
| Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable canonical tags in the root page settings. | |||||
| CVE-2024-34545 | 1 Intel | 1 Raid Web Console | 2024-09-23 | N/A | 5.7 MEDIUM |
| Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access. | |||||
| CVE-2024-45798 | 2024-09-20 | N/A | 9.9 CRITICAL | ||
| arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. The `arduino-esp32` CI is vulnerable to multiple Poisoned Pipeline Execution (PPE) vulnerabilities. Code injection in `tests_results.yml` workflow (`GHSL-2024-169`) and environment Variable injection (`GHSL-2024-170`). These issue have been addressed but users are advised to verify the contents of the downloaded artifacts. | |||||
| CVE-2024-37406 | 2024-09-20 | N/A | 7.5 HIGH | ||
| In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right instead of the left, which may lead to domain confusion. | |||||
| CVE-2024-45601 | 2024-09-20 | N/A | 7.5 HIGH | ||
| Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validation in a specific endpoint. This could have allowed an attacker to access files not intended to be served. Users are strongly advised to update to the latest version of Mesop immediately. The latest version includes a fix for this vulnerability. At time of publication 0.12.4 is the most recently available version of Mesop. | |||||
| CVE-2024-6077 | 1 Rockwellautomation | 14 1756-en4, 1756-en4 Firmware, Compact Guardlogix 5380 Sil 2 and 11 more | 2024-09-19 | N/A | 7.5 HIGH |
| A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. | |||||
| CVE-2024-38483 | 1 Dell | 82 Embedded Box Pc 5000, Embedded Box Pc 5000 Firmware, Latitude 12 Rugged Extreme 7214 and 79 more | 2024-09-18 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | |||||
| CVE-2024-38046 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-09-18 | N/A | 7.8 HIGH |
| PowerShell Elevation of Privilege Vulnerability | |||||
| CVE-2024-44094 | 1 Google | 1 Android | 2024-09-18 | N/A | 7.8 HIGH |
| In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-38194 | 1 Microsoft | 1 Azure Web Apps | 2024-09-17 | N/A | 9.9 CRITICAL |
| An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network. | |||||
| CVE-2024-38216 | 1 Microsoft | 1 Azure Stack Hub | 2024-09-17 | N/A | 9.0 CRITICAL |
| Azure Stack Hub Elevation of Privilege Vulnerability | |||||